Slashdot Mirror

← Back to Stories (view on slashdot.org)

SSL and the Future of Authenticity

Posted by Soulskill on from the laying-off-alice-and-bob dept.

An anonymous reader writes "There has been a growing tide of support for replacing SSL's Certificate Authorities with an alternative authentication mechanism. Moxie Marlinspike, the security researcher who has repeatedly published attacks against SSL, has written an in-depth piece about the questions we should be asking as we move forward, and urges strong caution about adopting DNSSEC for this task."

3 of 98 comments (clear)

  1. RTFA by Tigger's+Pet · · Score: 3, Informative

    I just hope that the many people who will post on here, with all their different opinions will actually take the time to read the article first. I know that is asking for a lot on /. but I can hope. Moxie Marlinspike (what a great name by the way) has really done a great piece of work here and it deserves to be read and digested before being critiqued.

    1. Re:RTFA by Culture20 · · Score: 3, Informative

      Are you positive GoDaddy is being picked on because of the hunting thing?

      I am. The link to the hunting is in a sentence denouncing goDaddy's trustworthiness based on his personal trustworthiness (without other reasons cited).

      There are definitely many more reasons to not trust the security of GoDaddy.

      Would have been nice for TFA to state them. Sure, we here at /. know those reasons, but the populace at large doesn't. Most people think GoDaddy is a porn site.

  2. Re:Sure, we can replace SSL. by Anonymous Coward · · Score: 3, Informative

    The idea isn't to replace SSL, just the authenticity mechanism the browsers employ. Most of what's on the table allows browsers to use the new system and old system simultaneously, with a "both must pass" or "either can pass" setting. So it's not the transition that is difficult.